ec7fbaa588e99bad5fe02d9b813036a57aeb9069e2bfe9611ed9646485702e13

Analysis

max time kernel
9s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 12:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FollowBegir04.apk
Size

3.8MB
MD5

062c020e9d19c430d004b7237356a818
SHA1

7e299d6c687490f2bd0bf551dc73f4e6f6785b4b
SHA256

ec7fbaa588e99bad5fe02d9b813036a57aeb9069e2bfe9611ed9646485702e13
SHA512

e99a55a908bb263276512a68b86eefa7c223e7c12898d328fce7a35939935d25208afb7084bb4f432a939f191e9dfa4c8359a1ddbacfdeaf66eb7fffcd89033d
SSDEEP

98304:kS3BetIPdVQG1B+MWBvylmoTIPD0J/Bml5yG:kSRs4V71BEND0dC

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

service.api.insta

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo service.api.insta
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

service.api.insta

description ioc process

Framework API call javax.crypto.Cipher.doFinal service.api.insta

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	service.api.insta

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	service.api.insta

service.api.insta
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4207

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/service.api.insta/cache/com.batch.tmp.927f359d-4e8d-4191-bf3b-a1a0d3119f17.json
Filesize
77B

MD5
59d742ccd15a1e09e92366bb29b8a9fb

SHA1
8dfbc0202efd41b12d35ef11d2d887684995afad

SHA256
fe64d1db42f094f3b2e4920f16340c5a30e1e3f4d4b04e11c068bb5a813bc24f

SHA512
3c48d1d2d6757ddbe9bf28b36b338de1c82b841f9f5118b769d3f868e75d842269bfd5f240c0a05f44e113159dcafe6f19de5bfb64b819e2afb52e6a9ce53772

Download Submit
/data/data/service.api.insta/databases/LocalCampaignsSQLTracker.db-journal
Filesize
512B

MD5
b855f9af8dfb0e94999558b720653753

SHA1
9820e41d58408f6d47a807e5b9dfafda12af673b

SHA256
f805f9f94798e315c284dfaa5c16ffa86fc12ca7c79b762e35b807593edf9e92

SHA512
df08f8f207f3258083d61f28644fa1ce950e8a7904a1f126f93be2e66dcbd27e685980a6ae6e5b289ff3a8be6d41e8b4f0e8a651882baeca423886942d2aaa7d

Download Submit
/data/data/service.api.insta/databases/LocalCampaignsSQLTracker.db-wal
Filesize
36KB

MD5
87e6aeb415f16f04e0d2a62ae040aec3

SHA1
8e91b5a1445be3ce02e9908eb927e647d231012b

SHA256
22ac447069c4fb00e31bc4bbe14e896910b6da8b1c0406ffad85c7d41ccbd106

SHA512
1898cc2c9cdb5242d48cf00e971bfef7d5e2bf7ad649f6f25289434623f4010641b895e90ed5a4d950790af9a8b448494d80e16f42e2c7e366a035d7fc3f4c65

Download Submit
/data/data/service.api.insta/databases/ba_tr.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/service.api.insta/databases/ba_tr.db-journal
Filesize
512B

MD5
66484c90f88fa1c018a3f1cd72fb9153

SHA1
bddcdae9a6c6f2eb25c8f87a0c67d889dcc96edb

SHA256
771316cb80bc576813fa3bc13e25c556bba63000b50729c8d1884e2d5551dcb6

SHA512
dc26d23f4a22bce5640304e897fb006b42bf97102266a028fcc2d908de85ab8d3224a6fbece8813ebd4ec5f838c0b6d490c9dde74d6e781e7c6126848bbf9fe4

Download Submit
/data/data/service.api.insta/databases/ba_tr.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/service.api.insta/databases/ba_tr.db-wal
Filesize
48KB

MD5
6ce072d68ab80d9929a03533d70b81fa

SHA1
b869e0f0fa2e88ea7245f3cbe72aea41ef676589

SHA256
ba27b4312f120b0f466688d1b8e9339f86daf4c7bd69e41b6d75f6fa4269e1cb

SHA512
f1076a8411d0808bfd4280c1200a79a2b30a69526dcfc2e323f8585a3e9c33fd42b2d16cc73408fca8011c2f167a844bd4c085aa416f15fb675330319fb3c1bd

Download Submit
/data/data/service.api.insta/databases/i_user_accounts-journal
Filesize
512B

MD5
78dac913bd2618459f42911fe576088e

SHA1
bf89d800e1e71ca59235a1adf15bdaadc20c3311

SHA256
ce6d298edd5c3c151a7ad69a10c29ee52692fbbada28d08162d71513982c4300

SHA512
e7bfb6c28b603ddbde3ae0f2106dd679ec9c8da45d773d9fcdae7c6e6e78e711547de820648fa5db3009cf33a6ae6840044430a2b64ca08ea7faa1c103794eea

Download Submit
/data/data/service.api.insta/databases/i_user_accounts-wal
Filesize
32KB

MD5
6496d38f6aea78398f3dae296bed340e

SHA1
94228dccb22de531d47174333786062070b5c3ec

SHA256
368d2f71e4adfac4a62f631a10c4f53a51605ba425800085ed0775afd3081bd9

SHA512
8ee1b5d917a6acbe625d19d1d6e450fd1ef324acfa03c4614fab546b02ffd5e7fd3ccab20dd6eff7ee56065e25230ff0dc12116fbf1d7e431419825b69330d40

Download Submit